<?php
include($_SERVER["DOCUMENT_ROOT"]."/bob.php");
include($_SERVER["DOCUMENT_ROOT"]."/fonctions_globales.php");
$mysqli = new_mysqli($host, $user, $password, $database); //connection à la DB

if(@$_SESSION['grad'] != "admin") {
		header("Location: /");
		exit();
}

echo"<html><head>
<title>Newlester yo</title>
</head>
<body bgcolor='#000000' text='#FFFFFF'>";

$add=@$_GET['adresse'];
if($add != ""){
	$add = $mysqli->real_escape_string($add);
	mysqli_query_with_error($mysqli, "UPDATE gens SET newlester='2' WHERE user_email='$add'");
	echo "Vous ne recevrez plus de Newlester";
	exit;
}

if(@$_POST['mail'] != ""){
	 $mail=stripslashes($_POST['mail']);
	 $dat = date("d/m/Y");
	$result = mysqli_query_with_error($mysqli, "SELECT * FROM gens WHERE newlester='2'");
	while($ligne = $result->fetch_assoc()){
		  $adresse = $ligne['user_email'];
		  $bob = "

		Si vous désirez vous désinscrire de la newlester, cliquez ici: 
		http://www.dazdingo.com/news/newlester.php?adresse=$adresse";
		  $mail2 = $mail.$bob;

		 if (mail($adresse, "Mega-Newlester du $dat", $mail2))
		  echo "Ook";
		 else
		  echo "nan";
	 }
}

$adresse="";
$result = mysqli_query_with_error($mysqli, "SELECT * FROM gens");
while($ligne = $result->fetch_assoc()){
  $adresse = $adresse.$ligne['user_email']."; ";
}

echo "<p align='center'><font size='7'>Adminews</font></p>
<p align='center'>
<img border='0' src='images/invers.gif'><br>Bienvenue $login<br><br>Liste des adresse: $adresse<br><br>
<table border='1' width='100%'><tr><td>
<form action='newlester.php' ENCTYPE='text/plain' method='POST'><p align='center'>

Mail:<br><textarea name='mail' cols='70' rows='20'></textarea>
<input type='hidden' name='mpasse' value='$mpasse2'>
<br><input type='hidden' name='oki' value='ok'> <br>
<p align='center'><input type='submit' value='Fight!'><input type='hidden' name='login' value='$login'></form></td><td>";


echo "</table></body></html>";
?>